IPv6 Launch day has come and gone - where are we?
World IPv6 launch day has come and gone, and you may have noticed SparkFun.com still doesn't sport a 'AAAA' record in our DNS.
If you're wondering what IPv6 or an AAAA record is, let me begin by stressing how important IPv6 is, and more so, how critical it is that the entire world transitions to it quickly. IPv6 is the replacement of the addressing system of the internet. Our current version of the internet's addressing system allots approximately 4.29 billion addresses. This is quite a bit fewer than the number of people in the world, and substantially fewer than the rapidly-growing number of internet-connected devices out there. There were over 300 million new Android phones activated in the last year alone, and that's not even scratching the surface (RFC2324 compliant coffee pots are going to push us over the edge).
During the inception of the internet, the initial address space was thought to be more than adequate, as the founders of IPv4 didn't expect the internet to ever expand outside a few university and military labs back in 1981. Even so, the old addressing system was well thought out for just being an experiment that never ended. 4.29 billion addresses is nothing to sneeze at, but the new address space of IPv6 is beyond gargantuan proportions. IPv6 ensures that this time around, we really won't run out by using a 128-bit address space. How many exactly? 340,282,366,920,938,000,000,000,000,000,000,000,000 - That's enough to assign an address to every eukaryotic cell in our galaxy, assuming that there are at least 10 billion other planets out there in the Milky Way just as alive as earth is. With numbers this large, the decision was made that standardizing allocations of address blocks trumps the immense amount of wasted space. Our /48 subnet allocation alone grants SparkFun an address space of 18,446,744,073,709,552,000 IPs. Unfortunately, this makes for some complex addresses, like: 2001:1926:3df:5:5054:ff:fe05:a221/64. Just a bit more difficult to remember than 192.168.5.61/24. On the other hand, IPv6 brings many new features, and negates the need for services such as DHCP, which is primarily used to allocate addresses from a pool to connected devices. This is because everything can be guaranteed a unique address by performing a stateless autoconfiguration, based on a broadcasted prefix to itself using Modified EUI-64, where the MAC address of the device is slightly modified and appended to the prefix. IPv6 is much, much more than just a larger addressing pool, it redefines traffic at one of the lowest layers in networking.
Earlier this month we made the jump to IPv6 internally, but unfortunately our upstream internet provider and datacenter host has yet to commit to supporting it. Luckily, a tunnel broker known as 'SixXS' granted us a /48 subnet in order to satiate our thirst for connectivity to the new internet (Special thanks to 'Jeroen' for making this happen). This, unfortunately, is a dirty workaround and came with a caveat. Both Windows and Linux systems will 'prefer' IPv6 routes over IPv4 by default, which makes for a substantial amount of traffic for our tunnel broker. The solution for this was to turn off the route, and use it only when needed, until our upstream provider starts routing IPv6 packets. Unfortunately, the adoption of IPv6 is still relatively low, but it's starting to climb quickly.
So, what does this transition mean for most end users? With IPv6, the days of NAT traversal are (almost) gone. NAT came around as a band-aid for the quickly-dwindling number of publically assignable addresses, and allowed you to have a single external address that people could contact all of your devices with. Unfortunately, this complicates life, as you need to tell your device doing your NAT translations where to send inbound traffic, and makes life substantially less fun for network administrators. Specifications such as UPnP and TCP/UDP hole punching such as ICE and STUN(T) consequently arose to allow devices and applications to receive unsolicited external connections. Being able to receive data without first initiating a connection is pretty important, as two devices behind a device doing NAT translation, such as a home router, can't talk to each other without a third party. This, however, led to NAT becoming a sort of security “feature” that helped eliminate many early worms and malware that attacked open ports with insecure services, such as the Blaster Worm.
IPv6 also augments mesh networking and the interoperability of personal area networks with existing networks, and specifications such as 6LoWPAN from the IETF have arisen to compete with ZigBee, currently found on most of our 802.15.4 modules (although ZigBee has announced that they are investigating the possibility of adding IPv6 support). Additionally, traffic can be encrypted using a standard known as IPsec, which was developed in conjunction with IPv6. All standards-compliant IPv6 devices are required to support IPsec, which should help to keep eavesdroppers from snooping in on traffic from your Tricorder -- at least until us mere mortals get our hands on quantum computers capable of using Shor’s algorithm.
The specification for IPv6 was finalized in 1996, and repeated deadlines to make the jump were facetiously missed by governments and large ISPs around the world for over a decade. Luckily, with the clock quickly nearing zero-hour, IPv6 is starting to be taken very seriously and is seeing rapid adoption and backing by large ISPs and companies, many of which have their own IPv6 awareness campaigns. A few of these can be found at Google, Comcast, ATT, and Cisco. If you're part of an organization which has yet to start the transition, urge them to start making preparations for the move!
Just for those who doubt, yes there have been some false starts with IPv6, however the time to aggressively move to it is now(I'm speaking to network admin's more than Joe Internet User). There will be a long overlapping transition period, but without getting our feet wet with IPv6, we won't be able to finally mature it to the same level that IPv4 has attained through years of use.
Just to give context, I'm a network guy for a very large university that you've heard of, and I rub elbows with folks from I2, etc etc. Also IPv4 numbers are kinda black and white- there ain't no more. And NAT bandaids don't really work well at scale. (At home, sure, branch office, okay, carrier, um not so much. Been tried, and didn't go so well).
IPv6 support tools are still a bit wild and wooly, but it's time to kick the tires and light the fires on this. We don't really have an alternative, and major players are indeed, lighting it up.
"The solid rocket boosters have been attached to the pig that is IPv6" - Paul Vixie, author of BIND
I like your quote: “The solid rocket boosters have been attached to the pig that is IPv6” - It is exactly that.. a PIG, which shouldn't fly, but is being pushed by un-natural means to force it to get so far, but that's as far as it'll get... UNTIL there's some real consumer need/demand to force a profit driven ISP infrastructure to proceed with it.
Certainly v6 will be in the backbone, and there will be some organizations on v6 directly - Universities, government, etc, but it's going to be FEATURE driven, not address exhaution driven, because with VPNs, NATs, and the fact that 99% of the consumers paying $40/month dont know the difference between 10.1.1.x/8 and a routable IP address, there's no reason for the ISPs to spend money to convert everyone, let alone hire the support to walk grandma through the process of how to flash her old WRT-54G to support IPv6. That's a headache that nobody wants.
Have fun riding your flying pig, but I predict that your job is going to involve a lot of "How do we let our users access this at home through 6to4 gateways, proxies, firewalls, vpns, etc..." because the rest of the world will be on IPv4 until the new version of Farmville wont work without a direct IPv6 connection.
IPv4 and v6 will be running in parellel for a long time, which addresses the 6to4 issue (see my above statment "There will be a long overlapping transition period..." to amplify, this period will be measured in years. However there are other considerations besides "user market forces" driving adoption. I expect that IPv6 will mature and transform to something better, IPv4 wasn't exactly perfect on day one either. The point is that we need to get past day one and start that maturation process, and we're now at the point that field rollouts are the most efficient way to do it.
NAT sucks. NAT at large scales, which is what would be needed without address space expansion, sucks even more, on a logarithmic slope. It doesn't matter to users for the most part, but it does matter to the carriers and ISP's, who don't like unreliable solutions. Hmm, so actually, it does matter to the users, but in the form of "my internet is acting weird again" rather than a more specific technical complaint.
IPv6 adoption will occur, it's just a matter of how quickly. Current resistance is due mostly to the uncomfortable change of how things are done, and a few remaining support issues (IPv6 DNS DB's, tool dev, IPv6 packet inspection tools etc.). So is it fully baked? No. Is it where we're going to go, Yep.
These IPv6 events, panics, articles always come and go. They were saying the same thing 10 years ago, and here we are again.
The sluggish pace of IPv6 adoption is simply because there isn't a compelling need for it. We all thought that we'd be assigning unique IPs to all our devices and that people across the world would need to as well. Well that didn't happen, and even at the IP level we've adapted with NAT and other tools that let us continue our way of life.
Even so, IPs just don't matter to the way we work as much as they used to. They still matter--the Internet runs on IPs--but they way people use the Internet has changed, and the emphasis is less on assigning unique numbers to your devices, and more about utilizing services that provide the "locations." How many people host their own servers? Need a static IP for their online gaming? Need their phones to have a unique IP? Need to port-forward to download from IRC? I do, but most people don't. Even websites don't need unique IPs.
Where is the panic in Asia now that the IP space has been used up? No panic. People made the silly assumption that everyone in Asia would need or want a unique IP; that wasn't the case here, so why would it be the same there? Networks have adapted, tools such as NAT are available to everybody, and most people never even think about the IP they're temporarily assigned, or port numbers, etc. Yeah, possibly a pain in the butt, but not crippling.
So watch as another article like this pops up in another year or two, extolling the benefits of IPv6 and lamenting that the change hasn't already happened.
APNIC's (Asia's regional registry) last allocation was just used up 2 months ago, and it is indeed a very big deal - and they say so themselves.
"This event is a key turning point in IPv4 exhaustion for the Asia Pacific, as the remaining IPv4 space will be ‘rationed’ to network operators to be used as essential connectivity with next-generation IPv6 addresses (PDF Link). All new and existing APNIC Members who meet the current allocation criteria will be entitled to a maximum delegation of a /22 (1,024 addresses) of IPv4 space.”
10 years ago we foresaw this coming, and emphasized the importance of preparing for the transition. It will take some time before the actual addresses that have been allotted by APNIC are exhausted.
And the same site also states that given the current rate of IP utilization that it'll be years before the current unused block of over 16 million IPs is close to being used up, even ignoring IP recycling. This is in Asia too, where most of the growth and need is.
Don't get me wrong, I'd love to have the world switch to IPv6, but the switch just isn't that compelling. Most of the reasons behind pushing IPv6 was this idea that the billions of people in Asia would need lots and lots of IPs to utilize the Internet. Four billion IPs looked like a small number by comparison. What was overlooked was that IPs are not static resources, and that most people will not need to use IPs in the manner that was previously foreseen.
There is no doubt that it will take time to see the entire pool used up, but it will begin to happen over the next couple of years -- I'm not decrying the end of the internet, just that people who are in positions to be proactive about this should do so. We will switch to IPv6 - there is no need to procrastinate it, and it would be diligent to support it wherever reasonably possible so others aren't waiting on you to start transitioning to a dual stack (as we are, with our upstream provider). It's a substantial effort to make the transition, as countless devices and applications need to be updated. The switch isn't compelling because it's not necessarily broken for you, but it's very compelling to software developers and network engineers around the world. IPv6 brings many real-world benefits to developers and users alike, and hundreds of device manufacturers, governments, and service providers have done their part in supporting IPv6 and are stressing the importance of transitioning.
What you're seeing there is the effect of APNIC's final /8 allocation policy -- the short of it is that each company can get only one allocation of 1024 IPs from the final block. Sure, it'll take many years for that last block to run out, but that's irrelevant to each individual company, since once they've got their one allocation that's it.
Don't let that fool you into thinking that means they have plenty of IPs. They don't, and ISPs there will blow through 1024 addresses in no time. The actual demand is high enough that if the allocation policy was removed, their final block would be allocated in less than a month. APNIC really is out.
Yes and MSDOS did things so much better than Windows for years, horses were more capable than cars (they self-reproduce like a 3D printer) etc., why would we have wanted to change?
Way to knock the strawman down. Your examples are not related to resource utilization, and switching to IPv6 can hardly be considered a revolutionary change in the way we do things (especially considering what I outlined above).
This is more like running out of oil to fuel our cars: yeah, it eventually will come; yeah, we'd like to switch off oil to something else--but the situation is not so dire that we are in panic mode to switch out. It'd be great to be on IPv6, but the very fact that little has been done highlights that it isn't a huge problem. We'll see these articles popping up again in a few years too.
I agree 100% - I've been listening to this "out of addresses" crap for what seems like forever, but over the years, IPv4 has continued to get more and more entrenched into a consumer based Internet where there's no need to make the move. We have UNLIMITED IP ADDRESSES already, so long as most people dont care that they're getting a 10.x.x.x/8 address from their ISP. The bottom line is that unless the next "Facebook" only runs on IPv6, there will be no real push from the consumer to get there, and the catch 22 is that no new app could become the "killer app" without supporting the current mass of IPv4 users.
I am reminded of the "fact" that the government dictated that ADA would be the only programming language allowed for government contracted applications, back in the '70s and '80s.. I dont see IPv6 getting further than the backbone and some "niche" users for a good, long, time.... and that's OK..
I don't think the industry people are the ones creating the panic, its the media a.k.a. the bloggers that are creating the panic/hype.
IPv6 is necessary, and if you don't start today it won't be finished tomorrow (metaphor alert!!!!) and if dos vs windows is a bad example then how about 8 vs 16 vs 32 vs 64 bit address spaces?
But seriously, it is necessary, and unfortunately most people don't care, don't know, or don't understand. and that's how the over-hype gets started because the media gets to spin the story almost without regard. But that doesn't negate the need or the need to start now. And starting now doesn't mean the world will end if we don't, it just means you can never finish if you never start.
Of course the industry people aren't creating the panic - we're running around like chickens with our heads cut off testing everything we can to make sure it'll either work with IPv6 or work behind a firewall where it doesn't have to use a public IPv4 address, and trying to find which pieces of equipment say they'll run IPv6 but actually run a lot slower if they have to do very much of it. (For instance, that firewall over there is using ASICs or FPGAs to accelerate IPv4 pattern-matching but uses the CPU for IPv6 or fancy tunnel protocols, and the CPU is three years old so it's only dual-core instead of 8-core.)
And we really needed all the bloggers creating that panic just to get this far.
And thanks to Sparkfun for a nice article - I mostly think of you as dealing with equipment where we don't care about IPv6 addressing, we care about "solder the LED to pin 12" or at most "the board talks USB to the PC, and the PC uploads the software to a website." One technical correction, though - you still need services like DHCP, whether it's DHCPv6 or the Router Advertisements that work along with the EUI64/MAC-based autoconfiguration. And most servers will still get their host address manually assigned so it looks like ::1 instead of ::64-ugly-bits.
I agree. We've been in "virtual" panic mode for over a decade but the movement has been slow. The good news is that some major companies are making the switch and I think in a year or two you will see more networks switching over.
But make no mistake, IPv6 has to be implemented a some point but it will be done so in piecemeal fashion, as it should.
Does an Arduino Ethernet SD shield support IPv6?
At the moment the Arduino Ethernet Shield uses the W5100. Last I checked the W5100 does not support IPv6. WIZnet has been talking for awhile now developing the chip embedded with the IPv6 stack. I haven't heard any update on this for awhile now. This is actually been discussed on the Arduino.cc forums too. I will have to do some digging to see if they have done this yet. There are shields that do support IPv6 out on the market, but they do not use the W5100. (Going to look into it in a little bit for you!)
UPDATE: Wiznet support team got back to me and it is still under development. Hope this helps! :)
Thanks alot! One other question, if I continue to use IPv4 on the Ethernet shield, for how long will I be able to use all the functionality of it?
I currently work as a student employee for networking at my University. The network group haven't set a date to move to IPv6 but it looks like it will be in the next 5-8 years. That being said, IPv4 would last much longer after that.
Most websites will have IPv4 addresses for years, and also have IPv6 addresses. Most of your home devices will support IPv4 with NAT and RFC1918 private addresses for a long time, and the computers and a few other things will also have IPv6. One of the big issues is that many home routers / cable modems / DSL modems don't support IPv6, so the broadband companies haven't been pushing really hard to retrofit IPv4 users with IPv6-only service, though the ones who can are pushing towards solutions like "IPv4 with Carrier Grade NAT and IPv6 with real addresses." There are a bunch of different flavors of IPv4/IPv6 tunnelling and NAT solutions that carriers and end users are using to glue stuff together.
IPv4 will be around for a very long time to come, however over time it'll be phased out and eventually have added latency when talking to external IPv6 networks, as it'll have to go through a 4to6 LSN to reach them.
Please label your graphs. You made the engineer in me cringe.
Sincerely, A Concerned Customer
The small embedded 8 bit device is a good reason to keep IPv4 around. Those extra bytes are expensive & IPv4 is simpler. Can iOS already accept an IPv6 address & is AT&T already giving IPv6 addresses? It's unlikely an ISP is going to give you all the addresses you want. They'll still have to keep 2 users from stepping on each other, be assigned a small range, & turn those addresses into money.
iOS has full IPv6 support since around 4.1.
I have no idea if AT&T is handing out IPv6 addresses. But my ISP, Internode, moved their dual-stack ADSL network from trial state to production last year, and IPv6 is enabled by default on all new accounts. They hand out a static /56 subnet - a reasonably sized range.
I make telecommunications equipment for a living, and for those of you who think this is the same hype as 10 years ago, consider that service providers are now almost universally demanding that all new equipment be IPv6 capable, when as recently as last year there was very little demand at all. In other words, it has moved from "try it out in our lab" levels of demand to ramping up for widespread deployment. If providers are thinking about it now, it's probably only a few years down the road at most when new deployments will be getting IPv6 addresses.
As cool as IPv6 might sound there is a good reason why it isn't being adopted on a global scale. The world just got smart about tech hype and economics. IMHO IPv6 had its best shot in a pre-dot.com times. However now its all about true benefit; economics and credible justification for doing anything tech.
Of course eventually IPv6 might become predominant in our lifetime, or not. We shall see.
For most of us who use this site, it will become predominant in our lifetime. If we want the internet to continue to be the increasingly useful tool for the general public that it's been in the last few decades IPv6 is a must, no question about it!
This is a case where being jaded about buzz-worthy technology is a hinderance to good decision making. Yes, there is no valid economic case for a made rush to IPv6 within a year. Even given that, a gradual transistion will have the lowest economic and other costs for all involved, and the more time there is between the transistion's start and we reach the true exhaustion of IPv4 the easier it will be.
However, I'm enough a student of human nature to recongize that in these types of situations the rational course of action is ignored by most people until it's almost too late. This isn't due to most people being stupid or lazy. There are psychological and socialogical reasons for this, like diffusion of responsibility and the "somebody else's problem" effect, that tend hinder people's desire to proactively address serious but initially preventable problems until they almost become inevitable.
Just remember Y2K, a potential problem that was apparent almost 30 years before it needed to be addressed. However, no steps major steps were taken to correct exisiting computer systems it after it was identifies, and much worse, new systems with the same flaw continued to produced well into the 1980's and early 1990's. Was there an economic incentive to "Y2K-proof" everything in 1975? Not really, but if an effort was made to correct the problem for hardware and software developed after it was descovered (something that would have required minimal, if any cost, for most applications) Y2K would have been essentially solved by the mid-1990's.
In real life it didn't happen that way and instead the response was mass procrastination. In the end all major problems were avoided. Though this was not because Y2K was "tech hype", instead it was the result of a stressful, wasteful, frenized race to fix over 80% of the problem in the last 3 to 4 years. I don't know about you, but even though I'm a hardware guy not a software guy I'd rather we not go through all that again especially since the internet has only grown in importance to most people (both in and out of the developed world).
My favorite IPv6 poster http://www.comcast6.net/images/files/more.jpg